Connect with us

Hi, what are you looking for?



Hacker Falsely Claiming to Breach FireEye Arrested, CEO Says

The hacker who falsely claimed to have breached FireEye — it was just the personal online accounts of one employee — was arrested by international law enforcement and taken into custody on October 26, FireEye CEO Kevin Mandia said Wednesday.

The hacker who falsely claimed to have breached FireEye — it was just the personal online accounts of one employee — was arrested by international law enforcement and taken into custody on October 26, FireEye CEO Kevin Mandia said Wednesday.

“These attackers rarely, if ever get caught and therefore I’m pleased, that in this case we’re able to impose repercussions for the attacker and achieve a small victory for the good guys,” Mandia said during a conference call.

He did not provide the name for the hacker, nor the location for the arrest. In July 2017, the hacker made grandiose claims that he was part of a new LeakTheAnalyst operation aimed at doxing the security professionals who hunt hackers. “Let’s trash their reputation in the field,” he posted to Pastebin. In reality, he had little of any value, taken from the online accounts of one FireEye employee.

According to FireEye’s CFO Frank Verdecanna, the incident is not thought to have had any significant negative effect on FireEye’s financial performance over the last three months, beyond the internal cost and time required to investigate the hacker’s claims. “I don’t want to underestimate the unfairness of the situation of an anonymous person making false claims,” Mandia told CRN. “You have to prove the negative, which is really annoying.”       

The hacker’s arrest was announced at FireEye’s Q3 Earnings Results Conference Call on Wednesday. While Q3 performance was a little better than expected, FireEye is still yet to report a profit since it went public in 2013. During Q3, the net loss attributable to shareholders narrowed to $72.9 million (41 cents per share) from $123.4 million (75 cents per share) a year earlier.

This would indicate that FireEye is moving in the right direction. However, investors were disappointed in the forecasts made for Q4. “For Q4, we’re now expecting billings in the range of $210 million to $230 million, and revenue in the range of $190 million to $196 million,” announced Verdecanna. He believes that the firm is on track to deliver non-GAAP operating profitability in Q4.

Investors evidently hoped for better. Analysts, on average, were expecting total revenue of about $195.6 million, at the top end of FireEye’s forecast, according to Thomson Reuters I/B/E/S. The effect was an immediate tumble in share price on NASDAQ in aftermarket trading (at the time of publishing, it is down 12%).

Advertisement. Scroll to continue reading.

In publicity terms, it has been a challenging period for FireEye. Apart from the alleged hack and the new tumble in share price, it has been employed to investigate the massive Equifax breach. While this is positive, the firm reportedly removed a case study from its website where Equifax endorsed FireEye for protecting it from zero-day attacks. However, FireEye’s technology is typically used to protect against advanced malware attacks that leverage zero-day vulnerabilities in popular operating systems and business applications such as Microsoft Office and Adobe Flash. The Equifax hack was pulled off by leveraging a vulnerability in Apache Struts, which was used by a web application and allowed the attack to happen assumingly without requiring malware to be used.

One positive area for FireEye is strong growth in sales of its new Helix product announced in November 2016. Helix helps accelerate incident response with automation and orchestration by leveraging detection capabilities from FireEye’s Endpoint Security (HX) and Network Security (NX) engines, along with FireEye iSIGHT Intelligence.

“Both FireEye as a service and iSIGHT threat intelligence had strong quarters, and we added 57 new Helix customers bringing the total to 71,” announced Verdecanna. It remains slow progress for FireEye, but it still expects to report profits in 2018.

FireEye went public in September 2013, with the share price immediately soaring by more than 90% before settling at around $38.74. At the time of writing this, it is $14.45. FireEye purchased Mandiant for $1 billion in January 2014. Mandiant’s Kevin Mandia took over as CEO at FireEye in June 2016. 

Written By

Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.


Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.


As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...


Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Artificial Intelligence

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Artificial Intelligence

The degree of danger that may be introduced when adversaries start to use AI as an effective weapon of attack rather than a tool...